package com.liu.shiro;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

public class CustomRealm extends AuthorizingRealm {

    Map<String,String> userInfo = new HashMap<>();
    {
        userInfo.put("jack","456");
        userInfo.put("lyj","888");
    }

    // 用户和权限
    private final Map<String, Set<String>> permissionMap = new HashMap<>();
    {
        Set<String> set1 = new HashSet<>();
        Set<String> set2 = new HashSet<>();
        set1.add("video:find");
        set1.add("video:buy");
        set2.add("video:add");
        set2.add("video:delete");
        permissionMap.put("jack",set1);
        permissionMap.put("lyj",set2);
    }

    // 用户和角色
    private final Map<String, Set<String>> roleMap = new HashMap<>();
    {
        Set<String> set1 = new HashSet<>();
        Set<String> set2 = new HashSet<>();
        set1.add("role1");
        set1.add("role2");
        set2.add("root");
        roleMap.put("jack",set1);
        roleMap.put("lyj",set2);
    }


    //进行权限校验的时候会调用 -- 授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("授权 -- doGetAuthorizationInfo");

        String name = (String) principalCollection.getPrimaryPrincipal();
        Set<String> permissions = getPermissonByName(name);
        Set<String> roles = getRoleByName(name);
        SimpleAuthorizationInfo simpleAuthorizationInfo =
                new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setRoles(roles);
        simpleAuthorizationInfo.setStringPermissions(permissions);

        return simpleAuthorizationInfo;
    }



    //当用户登陆的时候会调用 -- 认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("认证 -- doGetAuthenticationInfo");
        // 从token中获取身份信息，token代表用户输入的信息
        String name = (String) authenticationToken.getPrincipal();

        String pwd = getPwdByUserName(name);

        if(pwd == null || "".equals(pwd)){
            return null;
        }

        SimpleAuthenticationInfo simpleAuthenticationInfo =
                new SimpleAuthenticationInfo(name,pwd,this.getName());
        return simpleAuthenticationInfo;
    }


    // 模拟从数据库取出密码
    public String getPwdByUserName(String name) {
        String pwd = userInfo.get(name);
        return pwd;
    }

    //模拟从数据库获取权限集合
    public Set<String> getPermissonByName(String name) {
        return permissionMap.get(name);
    }

    //模拟从数据库获取角色集合
    private Set<String> getRoleByName(String name) {
        return roleMap.get(name);
    }
}

